Cybercrime, Financial Services and Hacking

Japan ’s FSA warns of unauthorized trades via stolen credentials from fake security firms’ sites

Security Affairs

APRIL 22, 2025

Japan s Financial Services Agency (FSA) warns of hundreds of millions in unauthorized trades linked to hacked brokerage accounts. Japan s Financial Services Agency (FSA) reported that the damage caused by unauthorized access to and transactions on internet trading services is increasing.

Financial Services

Financial Services Passwords Accountability Antivirus

Medusa ransomware gang claims the hack of Toyota Financial Services

Security Affairs

NOVEMBER 17, 2023

Toyota Financial Services discloses unauthorized activity on systems after the Medusa ransomware gang claimed to have hacked the company. Toyota Financial Services confirmed the discovery of unauthorized activity on systems in a limited number of its locations. The company has yet to disclose a data breach.

Financial Services

Financial Services Hacking Ransomware Data breaches

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Krebs on Security

DECEMBER 13, 2022

Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. Pompompurin has been a thorn in the side of the FBI for years.

Hacking

Hacking Energy and Utilities Cybercrime Accountability

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

An Interview With the Target & Home Depot Hacker

Krebs on Security

NOVEMBER 14, 2024

But not long after KrebsOnSecurity reported in April that Shefel/Rescator also was behind the theft of Social Security and tax information from a majority of South Carolina residents in 2012, Mr. Shefel began contacting this author with the pretense of setting the record straight on his alleged criminal hacking activities.

Retail

Retail Advertising Cryptocurrency Marketing

Toyota Financial Services discloses a data breach

Security Affairs

DECEMBER 11, 2023

Toyota Financial Services (TFS) disclosed a data breach, threat actors had access to sensitive personal and financial data. Toyota Financial Services (TFS) is warning customers it has suffered a data breach that exposed sensitive personal and financial data.

Financial Services

Financial Services Data breaches Identity Theft Banking

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Krebs on Security

FEBRUARY 9, 2023

Authorities in the United States and United Kingdom today levied financial sanctions against seven men accused of operating “ Trickbot ,” a cybercrime-as-a-service platform based in Russia that has enabled countless ransomware attacks and bank account takeovers since its debut in 2016.

Hacking

Hacking Cybercrime Ransomware Government

Threat actor says Interbank refused to pay the ransom after a two-week negotiation

Security Affairs

OCTOBER 31, 2024

Interbank , formally the Banco Internacional del Perú Service Holding S.A.A. is a leading Peruvian provider of financial services has over 2 million customers. Interbank disclosed a data breach after a threat actor claimed the hack of the organization and leaked stolen data online.

Data breaches

Data breaches Financial Services Hacking Mobile

U.S. Indicts North Korean Hackers in Theft of $200 Million

Krebs on Security

FEBRUARY 17, 2021

Confirmed thefts attributed to the group include the 2016 hacking of the SWIFT payment system for Bangladesh Bank, which netted thieves $81 million; $6.1 million in August 2020 from a financial services company based in New York. billion from banks and other victims worldwide.

Cryptocurrency

Cryptocurrency Financial Services Banking Government

15 billion credentials available in the cybercrime marketplaces

Security Affairs

JULY 9, 2020

More than 15 billion username and passwords are available on cybercrime marketplaces, including over 5 billion unique credentials, states the experts. The credentials are sold for an average of $15.43, the most expensive pairs relate to banking and financial services accounts, with an average price of nearly $71.

Cybercrime

Cybercrime Antivirus Marketing Accountability

Toyota disclosed a data breach after ZeroSevenGroup leaked stolen data on a cybercrime forum

Security Affairs

AUGUST 20, 2024

Toyota has confirmed a data breach after a threat actor leaked 240GB of data stolen from its infrastructure on a cybercrime forum. Toyota disclosed a data breach after a threat actor leaked an archive of 240GB of data stolen from its systems on a cybercrime forum, BleepingComputer reported.

Data breaches

Data breaches Cybercrime Financial Services Hacking

NY Department of Financial Services Issues Cyber Fraud Alert to Auto Insurers

Hot for Security

FEBRUARY 24, 2021

The New York Department of Financial Services (NYDFS) has issued an alert to instant-quote websites, particularly car insurers, warning of a growing campaign to steal nonpublic information (NPI). The attackers captured the full, unredacted driver’s license numbers without going any further in the process and abandoned the quote.”.

Financial Services

Financial Services Insurance Cybercrime Hacking

Microsoft seized 240 sites used by the ONNX phishing service

Security Affairs

NOVEMBER 23, 2024

Microsoft disrupted the ONNX phishing service, seizing 240 sites and naming an Egyptian man as the operator behind the operation. Microsoft announced the disruption of the ONNX phishing service, another success against cybercrime which led to the seizure of 240 sites. ” reads the analysis published by Microsoft.

Phishing

Phishing Cybercrime Financial Services Media

Would You Have Fallen for This Phone Scam?

Krebs on Security

APRIL 28, 2020

The request for the last four of the customer’s credit card number was consistent with my own testing, which relied upon on a caller ID spoofing service advertised in the cybercrime underground and aimed at a Citi account controlled by this author. A screen shot from an underground store selling CVV records. Click to enlarge.

Scams

Scams Banking Accountability Financial Services

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

Iran-linked APT group Pioneer Kitten is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers. Iran-linked APT group Pioneer Kitten, also known as Fox Kitten or Parisite, is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers.

Hacking

Hacking VPN Advertising Government

Morgan Stanley discloses data breach after the hack of a third-party vendor

Security Affairs

JULY 8, 2021

The American multinational investment bank and financial services firm Morgan Stanley discloses a data breach caused by the hack of an Accellion FTA server of a third-party vendor. The hack of the FTA server took place in March, but the hacker had access to the data of Morgan Stanley customers in May. Pierluigi Paganini.

Data breaches

Data breaches Hacking Banking Financial Services

DMM Bitcoin halts operations six months after a $300 million cyber heist

Security Affairs

DECEMBER 3, 2024

At the time, cryptocurrency security firm Elliptic reported that this incident would be the eighth-largest crypto heist of all time, and the largest since the $477 million hack suffered by FTX, in November 2022. Elliptic also confirmed it has identified the wallets involved in the attack.

Cryptocurrency

Cryptocurrency Financial Services Accountability Hacking

Google TAG report Q1 details about nation-state hacking and disinformation

Security Affairs

MAY 28, 2020

The Google Threat Analysis Group (TAG) is a group inside the Google’s security team that tracks operations conducted by nation-state actors and cybercrime groups. A first scaring trend reported by Google is the rising of hack-for-fire companies currently operating out of India. Pierluigi Paganini.

Hacking

Hacking Advertising Healthcare Financial Services

SEC announces sanctions against entities over email account hacking

Security Affairs

SEPTEMBER 1, 2021

Securities and Exchange Commission (SEC) announced sanctions against several organizations over email account hacking. Securities and Exchange Commission (SEC) announced sanctions against eight entities belonging to three companies over email account hacking due to cybersecurity failures. Pierluigi Paganini.

Accountability

Accountability Hacking Financial Services Cybersecurity

Law enforcement operation seized Ragnar Locker group’s infrastructure

Security Affairs

OCTOBER 19, 2023

This is an important achievement in the fight against cybercrime. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, CISA) The post Law enforcement operation seized Ragnar Locker group’s infrastructure appeared first on Security Affairs.

Ransomware

Ransomware Financial Services Cybercrime Manufacturing

Documents Unsealed: North Korea's Global Hacking Campaign

SecureWorld News

FEBRUARY 18, 2021

It may be the most complete picture we've ever had of North Korean hacking campaigns. The unsealed documents highlight a number of attack targets and motives in an effort to hack, digitally intrude, and defraud. The hacking indictment filed in the U.S. North Korean hacking methods and attack vectors. global targets.

Hacking

Hacking Cryptocurrency Computers and Electronics Banking

Papua New Guinea ‘s finance ministry was hit by a ransomware

Security Affairs

OCTOBER 29, 2021

“The government and the people of Papua New Guinea can be assured that the government financial services will continue as usual,” Pundari said. SecurityAffairs – hacking, cybercrime). The government was not able to pay cheques and ordinary operations were impacted. Pierluigi Paganini.

Ransomware

Ransomware Government Financial Services Cybercrime

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

DECEMBER 17, 2023

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6 CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6

Data breaches

Data breaches Cybercrime Firewall Ransomware

Pacific City Bank hit by AVOS Locker Ransomware

Security Affairs

SEPTEMBER 5, 2021

On Saturday, September 4, 2021, the ransomware gang added the bank to its leak site and published some screenshots as proof of the hack. “Pacific City Bank provides outstanding banking and financial services for businesses and consumers. SecurityAffairs – hacking, ransomware). Pierluigi Paganini.

Banking

Banking Ransomware Financial Services Hacking

Security Affairs newsletter Round 446 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

NOVEMBER 19, 2023

Israeli man sentenced to 80 months in prison for providing hacker-for-hire services Russian APT Gamaredon uses USB worm LitterDrifter against Ukraine The board of directors of OpenAI fired Sam Altman Medusa ransomware gang claims the hack of Toyota Financial Services CISA adds Sophos Web Appliance bug to its Known Exploited Vulnerabilities catalog (..)

Data breaches

Data breaches Identity Theft Ransomware Hacking

Hackers target financial firms hosting malicious payloads on Google Cloud Storage

Security Affairs

DECEMBER 26, 2018

Researchers at Menlo Labs uncovered a malicious email campaign targeting employees of banks and financial services companies abusing Google Cloud Storage. Experts analyzed some malicious VBS scripts that were highly obfuscated and were likely created by one of the builder available in the cybercrime underground.

Financial Services

Financial Services Cybercrime Malware Advertising

Resecurity Released a 2024 Cyber Threat Landscape Forecast

Security Affairs

DECEMBER 26, 2023

The recent cyber-attacks by an Iranian-backed cybercriminal group on a water utility in Aliquippa , Pennsylvania by targeting an Israeli-made SCADA system exemplify incidents teetering on the edge of cyberterrorism and cybercrime.

Cyber threats

Cyber threats Energy and Utilities Artificial Intelligence Cyber Attacks

Nissan Oceania data breach impacted roughly 100,000 people

Security Affairs

MARCH 14, 2024

The Australian and New Zealand Nissan Corporation and Financial Services (“Nissan”) advises that its systems have been subject to a cyber incident. Stolen data included corporate files and personal information Nissan refused to pay the ransom and the cybercrime group published the alleged stolen files.

Data breaches

Data breaches Identity Theft Financial Services Cybercrime

Microsoft: Cybercrime Group Launches 'Targeted Attack' Against Customers

SecureWorld News

JUNE 29, 2021

The hacking group behind the infamous SolarWinds incident, Nobelium, is making headlines again. The Microsoft Threat Intelligence Center says it has observed new activity from the cybercrime group, mainly password spay and brute-force attacks.

Cybercrime

Cybercrime Financial Services Accountability Passwords

Ragnar Locker gang leaks data stolen from the Israel’s Mayanei Hayeshua hospital

Security Affairs

SEPTEMBER 9, 2023

The cybercrime group claims to have stolen 1 TB of data from the hospital and threatens to leak it. The network of Israel’s Mayanei Hayeshua was hacked in early August, the attack disabled the hospital’s administrative computer systems, but did not impact the operations of any medical equipment.

Ransomware

Ransomware Financial Services Encryption Cybercrime

LoanDepot data breach impacted roughly 16.6 individuals

Security Affairs

JANUARY 23, 2024

Financial services company LoanDepot disclosed a data breach that impacted roughly 16.6 LoanDepot is a financial services company that primarily operates as a mortgage lender. The company provides a range of mortgage and non-mortgage loan products and services. million individuals. million individuals.

Data breaches

Data breaches Financial Services Ransomware Encryption

Threat actors stole $19 million worth of crypto assets from Cream Finance

Security Affairs

AUGUST 31, 2021

Finance is a decentralized lending protocol for individuals, institutions and protocols to access financial services. 1/4 @CreamFinance was exploited in (one hack tx: [link] ), leading to the gain of ~$18.8M SecurityAffairs – hacking, DeFi ). It promises earnings to users who are passively holding ETH or wBTC.

Cryptocurrency

Cryptocurrency Hacking Financial Services Marketing

GUEST ESSAY: Massive NPD breach tells us its high time to replace SSNs as an authenticator

The Last Watchdog

SEPTEMBER 24, 2024

Related: Class-action lawsuits pile up in wake of NPD hack So what’s the connection? Online credit bureaus, like Equifax, Experian, and TransUnion, often see an uptick in new users after breaches because consumers realize the potential risks to their financial well-being and identity. NPD reported the exposure of over 2.7

Authentication

Authentication Identity Theft Banking Data breaches

Security Affairs newsletter Round 449 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

DECEMBER 10, 2023

billion personal records compromised by data breaches in past two years — underscoring need for end‑to‑end encryption Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)

Ransomware

Ransomware Data breaches Hacking Financial Services

The danger of data breaches — what you really need to know

Webroot

APRIL 22, 2025

Chances are youve received at least one of these letters, which means you have been put at risk for identity theft and major financial losses. Data breaches occur when sensitive, protected, or confidential data is hacked or leaked from a company or organization. What are data breaches and how do they happen?

Data breaches

Data breaches Identity Theft Passwords eCommerce

Corporate Finance firms leak 500K+ legal and financial documents online

Security Affairs

MARCH 17, 2020

Advantage and Argus seem to be the same company working under two different names, they offer funding and startup capital to business owners without access to traditional lending and financial services. SecurityAffairs – financial documents, cybercrime). The researchers discovered the unsecured database in December 2019.

Banking

Banking Advertising Financial Services Cybercrime

Microsoft: Cybercrime Group Launches 'Targeted Attack' Against Customers

SecureWorld News

JUNE 29, 2021

The hacking group behind the infamous SolarWinds incident, Nobelium, is making headlines again. The Microsoft Threat Intelligence Center says it has observed new activity from the cybercrime group, mainly password spray and brute-force attacks.

Cybercrime

Cybercrime Financial Services Accountability Passwords

LockBit on a Roll – ICBC Ransomware Attack Strikes at the Heart of the Global Financial Order

Security Affairs

DECEMBER 4, 2023

The experts called it ‘prepositioning’ to analyze the response from financial organizations globally and the reaction of the market. LockBit specifically targeted ICBC Financial Services (ICBC FS), a wholly owned U.S. subsidiary of the state-owned lender, which plays a critical role in the world of international finance.

Ransomware

Ransomware Banking Financial Services Marketing

NEW TECH: Cequence Security’s new ‘API Sentinel’ helps identify, mitigate API exposures

The Last Watchdog

JUNE 17, 2020

Related: Defending botnet-driven business logic hacks APIs made possible the astounding cloud, mobile and IoT services we have today. A great example of this, Keil points out, is the Open Financial Exchange ( OFX , ) the data-stream format that enables wire transfers to be carried out across the Internet.

Digital transformation

Digital transformation Internet Internet Hacking

Akira ransomware gang claims the theft of sensitive data from Nissan Australia

Security Affairs

DECEMBER 22, 2023

The Australian and New Zealand Nissan Corporation and Financial Services (“Nissan”) advises that its systems have been subject to a cyber incident. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, ransomware)

Ransomware

Ransomware Data breaches Financial Services Scams

Murder-for-hire, money laundering, and more: How organised criminals work online

Malwarebytes

NOVEMBER 11, 2021

Of course, we’re interested from a cybercrime point of view. Cybercrime. Cybercrime in this report includes the creation and spread of malware, hacking to steal sensitive personal or industry data, denial of service attacks to cause financial and/or reputational damage, and other criminal activities.

Cybercrime

Cybercrime Encryption Cryptocurrency Advertising

BianLian, White Rabbit, and Mario Ransomware Gangs Spotted in a Joint Campaign

Security Affairs

DECEMBER 15, 2023

Resecurity’s HUNTER (HUMINT) unit spotted the BianLian , White Rabbit , and Mario ransomware gangs collaborating in a joint extortion campaign targeting publicly-traded financial services firms. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, ransomware)

Ransomware

Ransomware Financial Services Cyber Attacks Passwords

New LockFile ransomware gang uses ProxyShell and PetitPotam exploits

Security Affairs

AUGUST 21, 2021

The vulnerabilities are exploited remotely through Microsoft Exchange’s Client Access Service (CAS) running on port 443 in IIS. The vulnerabilities were discovered by security Researcher Tsai orange from Devcore, the issues were awarded $ 200,000 during the April 2021 Pwn2Own hacking contest. — 0patch (@0patch) August 19, 2021.

Ransomware

Ransomware Hacking Financial Services Encryption

Biden vs. Putin on Cyber and a 'No Hack' List

SecureWorld News

JUNE 17, 2021

sectors that need to be on Russia's no-hack list. The FBI attributes the attack to DarkSide, a Russia-based cybercrime group. Biden says he gave Putin a list of 16 U.S. This list appears to follow a critical infrastructure list identified by the Cybersecurity & Infrastructure Security Agency (CISA).

Hacking

Hacking Ransomware Media Internet

19-Year-Old man arrested for misusing leaked record from Optus Breach

Security Affairs

OCTOBER 6, 2022

The database belonging to the company was leaked on a cybercrime forum. SecurityAffairs – hacking, Optus). The authorities determined that data used in this criminal activity were from the 10,200 records stolen from the telecommunications giant last month. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Data breaches

Data breaches Scams Telecommunications Financial Services

Japan ’s FSA warns of unauthorized trades via stolen credentials from fake security firms’ sites

Medusa ransomware gang claims the hack of Toyota Financial Services

Webinars

Trending Sources

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Webinars

An Interview With the Target & Home Depot Hacker

Toyota Financial Services discloses a data breach

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Threat actor says Interbank refused to pay the ransom after a two-week negotiation

U.S. Indicts North Korean Hackers in Theft of $200 Million

15 billion credentials available in the cybercrime marketplaces

Toyota disclosed a data breach after ZeroSevenGroup leaked stolen data on a cybercrime forum

NY Department of Financial Services Issues Cyber Fraud Alert to Auto Insurers

Microsoft seized 240 sites used by the ONNX phishing service

Would You Have Fallen for This Phone Scam?

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Morgan Stanley discloses data breach after the hack of a third-party vendor

DMM Bitcoin halts operations six months after a $300 million cyber heist

Google TAG report Q1 details about nation-state hacking and disinformation

SEC announces sanctions against entities over email account hacking

Law enforcement operation seized Ragnar Locker group’s infrastructure

Documents Unsealed: North Korea's Global Hacking Campaign

Papua New Guinea ‘s finance ministry was hit by a ransomware

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

Pacific City Bank hit by AVOS Locker Ransomware

Security Affairs newsletter Round 446 by Pierluigi Paganini – INTERNATIONAL EDITION

Hackers target financial firms hosting malicious payloads on Google Cloud Storage

Resecurity Released a 2024 Cyber Threat Landscape Forecast

Nissan Oceania data breach impacted roughly 100,000 people

Microsoft: Cybercrime Group Launches 'Targeted Attack' Against Customers

Ragnar Locker gang leaks data stolen from the Israel’s Mayanei Hayeshua hospital

LoanDepot data breach impacted roughly 16.6 individuals

Threat actors stole $19 million worth of crypto assets from Cream Finance

GUEST ESSAY: Massive NPD breach tells us its high time to replace SSNs as an authenticator

Security Affairs newsletter Round 449 by Pierluigi Paganini – INTERNATIONAL EDITION

The danger of data breaches — what you really need to know

Corporate Finance firms leak 500K+ legal and financial documents online

Microsoft: Cybercrime Group Launches 'Targeted Attack' Against Customers

LockBit on a Roll – ICBC Ransomware Attack Strikes at the Heart of the Global Financial Order

NEW TECH: Cequence Security’s new ‘API Sentinel’ helps identify, mitigate API exposures

Akira ransomware gang claims the theft of sensitive data from Nissan Australia

Murder-for-hire, money laundering, and more: How organised criminals work online

BianLian, White Rabbit, and Mario Ransomware Gangs Spotted in a Joint Campaign

New LockFile ransomware gang uses ProxyShell and PetitPotam exploits

Biden vs. Putin on Cyber and a 'No Hack' List

19-Year-Old man arrested for misusing leaked record from Optus Breach

Stay Connected